ERR 100696144 Operation not supported by device

nshenry03's Avatar

nshenry03

14 Sep, 2021 08:45 PM

Which of our tools is giving you problems?

gpg

Attach a screenshot of the version info for all installed components

Screenshot

Describe your problem. Add as much detail as possible.

Running gpg --card-status gives OpenPGP card not available messages:

hnicholas@hnicholas-a01:~$ gpg --card-status -vvv
gpg: using character set 'utf-8'
gpg: no running gpg-agent - starting '/usr/local/MacGPG2/bin/gpg-agent'
gpg: waiting for the agent to come up ... (5s)
gpg: connection to agent established
gpg: selecting card failed: Operation not supported by device
gpg: OpenPGP card not available: Operation not supported by device

I enabled logging for scdaemon:

hnicholas@hnicholas-a01:~$ cat ~/.gnupg/scdaemon.conf
debug-all
debug-level guru
disable-ccid
log-file /tmp/scdaemon.log
verbose

I think that the issue is that there is another program using my YubiKey (pcsc_connect failed: sharing violation (0x8010000b)), but I'm not sure...

hnicholas@hnicholas-a01:~$ cat /tmp/scdaemon.log
2021-09-14 14:25:49 scdaemon[20395] listening on socket '/Users/hnicholas/.gnupg/S.scdaemon'
2021-09-14 14:25:49 scdaemon[20395] handler for fd -1 started
2021-09-14 14:25:49 scdaemon[20395] DBG: chan_7 -> OK GNU Privacy Guard's Smartcard server ready
2021-09-14 14:25:49 scdaemon[20395] DBG: chan_7 <- GETINFO socket_name
2021-09-14 14:25:49 scdaemon[20395] DBG: chan_7 -> D /Users/hnicholas/.gnupg/S.scdaemon
2021-09-14 14:25:49 scdaemon[20395] DBG: chan_7 -> OK
2021-09-14 14:25:49 scdaemon[20395] DBG: chan_7 <- OPTION event-signal=31
2021-09-14 14:25:49 scdaemon[20395] DBG: chan_7 -> OK
2021-09-14 14:25:49 scdaemon[20395] DBG: chan_7 <- GETINFO version
2021-09-14 14:25:49 scdaemon[20395] DBG: chan_7 -> D 2.2.27
2021-09-14 14:25:49 scdaemon[20395] DBG: chan_7 -> OK
2021-09-14 14:25:49 scdaemon[20395] DBG: chan_7 <- SERIALNO
2021-09-14 14:25:49 scdaemon[20395] DBG: enter: apdu_open_reader: portstr=(null)
2021-09-14 14:25:49 scdaemon[20395] detected reader 'Yubico YubiKey OTP+FIDO+CCID'
2021-09-14 14:25:49 scdaemon[20395] detected reader ''
2021-09-14 14:25:49 scdaemon[20395] reader slot 0: not connected
2021-09-14 14:25:49 scdaemon[20395] DBG: leave: apdu_open_reader => slot=0 [pc/sc]
2021-09-14 14:25:49 scdaemon[20395] DBG: enter: apdu_connect: slot=0
2021-09-14 14:25:49 scdaemon[20395] pcsc_connect failed: sharing violation (0x8010000b)
2021-09-14 14:25:49 scdaemon[20395] reader slot 0: not connected
2021-09-14 14:25:49 scdaemon[20395] DBG: leave: apdu_connect => sw=0x10006
2021-09-14 14:25:49 scdaemon[20395] DBG: enter: apdu_close_reader: slot=0
2021-09-14 14:25:49 scdaemon[20395] DBG: enter: apdu_disconnect: slot=0
2021-09-14 14:25:49 scdaemon[20395] DBG: leave: apdu_disconnect => sw=0x0
2021-09-14 14:25:49 scdaemon[20395] DBG: leave: apdu_close_reader => 0x0 (close_reader)
2021-09-14 14:25:49 scdaemon[20395] DBG: chan_7 -> ERR 100696144 Operation not supported by device <SCD>
2021-09-14 14:25:49 scdaemon[20395] DBG: chan_7 <- RESTART
2021-09-14 14:25:49 scdaemon[20395] DBG: chan_7 -> OK

What did you expect instead

Something like:

rchi@foobar: > gpg --card-status
Application ID ...: D2760001240101010001000000490000
Version ..........: 1.1
Manufacturer .....: PPC Card Systems
Serial number ....: 00000049
Name of cardholder: [not set]
Language prefs ...: de
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Private DO 1 .....: [not set]
Private DO 2 .....: [not set]
Signature PIN ....: forced
Max. PIN lengths .: 254 254 254
PIN retry counter : 3 3 3
Signature counter : 0
Signature key ....: [not set]
Encryption key....: [not set]
Authentication key: [not set]
General key info..: [none]

Describe steps leading to the problem.

I upgraded to macOS Big Sur Version 11.6 and ran:

brew update && brew upgrade && brew upgrade --cask

Are you using any other Mail.app plugins?

Nope

  1. 1 Posted by nshenry03 on 14 Sep, 2021 10:24 PM

    nshenry03's Avatar

    I also ran this:

    killall -9 SecureRemoteAccessExtension
    killall -9 ctkd
    sudo killall -9 ctkd
    sudo killall -SIGKILL -m .*com.apple.ifdreader
    gpgconf --kill all
    

    Which fixed the pcsc_connect failed: sharing violation (0x8010000b) ; however, I'm still having trouble:

    hnicholas@hnicholas-a01:/tmp/homebrew-core$ gpg --card-status -vvvvv
    gpg: using character set 'utf-8'
    gpg: Note: RFC4880bis features are enabled.
    gpg: selecting card failed: Operation not supported by device
    gpg: OpenPGP card not available: Operation not supported by device
    
    2021-09-14 16:20:03 scdaemon[25612] listening on socket '/Users/hnicholas/.gnupg/S.scdaemon'
    2021-09-14 16:20:03 scdaemon[25612] handler for fd -1 started
    2021-09-14 16:20:03 scdaemon[25612] DBG: chan_7 -> OK GNU Privacy Guard's Smartcard server ready
    2021-09-14 16:20:03 scdaemon[25612] DBG: chan_7 <- GETINFO socket_name
    2021-09-14 16:20:03 scdaemon[25612] DBG: chan_7 -> D /Users/hnicholas/.gnupg/S.scdaemon
    2021-09-14 16:20:03 scdaemon[25612] DBG: chan_7 -> OK
    2021-09-14 16:20:03 scdaemon[25612] DBG: chan_7 <- OPTION event-signal=31
    2021-09-14 16:20:03 scdaemon[25612] DBG: chan_7 -> OK
    2021-09-14 16:20:03 scdaemon[25612] DBG: chan_7 <- GETINFO version
    2021-09-14 16:20:03 scdaemon[25612] DBG: chan_7 -> D 2.3.2
    2021-09-14 16:20:03 scdaemon[25612] DBG: chan_7 -> OK
    2021-09-14 16:20:03 scdaemon[25612] DBG: chan_7 <- SERIALNO
    2021-09-14 16:20:03 scdaemon[25612] DBG: chan_7 -> ERR 100696144 Operation not supported by device <SCD>
    2021-09-14 16:20:03 scdaemon[25612] DBG: chan_7 <- RESTART
    2021-09-14 16:20:03 scdaemon[25612] DBG: chan_7 -> OK
    
  2. Support Staff 2 Posted by Steve on 18 Sep, 2021 11:01 AM

    Steve's Avatar

    Hi nshenry03,

    welcome to the GPGTools support platform. Sorry to hear you are having problems using GPG Suite.

    Could you execute the following commands:

    echo 'shared-access' >> ~/.gnupg/scdaemon.conf
    killall scdaemon
    

    Does that improve the situation?

    Best,
    Steve

  3. 3 Posted by nshenry03 on 20 Sep, 2021 02:08 PM

    nshenry03's Avatar

    That worked! Thanks Steve!

    What does shared-access do? It's not documented in scdaemin's man page.

    hnicholas@hnicholas-a01:~$ man scdaemon | fgrep 'shared-access'
    hnicholas@hnicholas-a01:~$
    
  4. Support Staff 4 Posted by Luke Le on 22 Sep, 2021 09:40 AM

    Luke Le's Avatar

    Hi!

    basically there are two modes how to access a smart card:
    - exclusive mode: only one process can access the smart card at any time. Others will trigger a violation - shared mode: many processes share access to the smart card

    Now macOS has a smart card daemon which runs once the system is started and connects to the smart card as soon as it is available in shared mode. Gnupg itself also has a smart card daemon, but that one by default tries to get exclusive access. The main reason is, that for shared access the daemon has to check if the state or data was altered by a different process and act accordingly, which makes the handling a bit more difficult, at the same time however allows for multiple processes accessing the smart card. In exclusive mode there‘s a guarantee that only one process can modify the smart card state and as such, these checks mentioned before are not necessary.

    We have added shared-access to gnupg since in our experience there was never really a conflict which set the smart card to an incomplete state. GnuPG officially added that option 2.3.x which is the next major version of GnuPG currently being tested.

    Hope that explains what is going on.

  5. 5 Posted by nshenry03 on 29 Sep, 2021 07:59 PM

    nshenry03's Avatar

    Awesome, thanks for the explanation Luke :-)

  6. Support Staff 6 Posted by Steve on 29 Sep, 2021 08:26 PM

    Steve's Avatar

    Glad this is solved for you. I'm closing this discussion. Should you need further assistance or have questions you can re-open this discussion here or open a new one any time.

    Best,
    Steve

  7. Steve closed this discussion on 29 Sep, 2021 08:26 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac